package com.guangfeng.yql.security.interceptor;

import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.text.StrFormatter;
import com.guangfeng.yql.comm.util.HttpContextUtils;
import com.guangfeng.yql.comm.util.StringUtils;
import com.guangfeng.yql.security.SecurityUtil;
import com.guangfeng.yql.security.annotation.Permission;
import com.guangfeng.yql.security.annotation.SkipLogin;
import com.guangfeng.yql.security.bean.LoginUser;
import com.guangfeng.yql.security.config.WhiteConfig;
import com.guangfeng.yql.security.exception.BusinessException;
import com.guangfeng.yql.security.exception.PermissionException;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

@Slf4j
@Component
public class MethodInterceptorImpl implements HandlerInterceptor {
    @Autowired
    WhiteConfig whiteConfig;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        check((HandlerMethod) handler);
        return HandlerInterceptor.super.preHandle(request, response, handler);
    }

    public void check(HandlerMethod handlerMethod) {
        if (HttpContextUtils.getHttpServletRequest() == null) {
            return;
        }
        // 获取 请求uri
        String uri = HttpContextUtils.getHttpServletRequest().getRequestURI();
        // 判断uri 是否是在白名单中
        if (CollUtil.isNotEmpty(whiteConfig.getUrls())) {
            for (String url : whiteConfig.getUrls()) {
                if (StringUtils.isMatch(url, uri)) {
                    return;
                }
            }
        }


        Method method = handlerMethod.getMethod();
        checkLogin(method);
        checkRole(method);

    }

    @SneakyThrows
    public void checkLogin(Method method) {
        log.info("登录认证");
        SkipLogin annotation = method.getAnnotation(SkipLogin.class);
        if (annotation != null) {
            return;
        }
        LoginUser<Object> user = SecurityUtil.getLoginUser();
        if (user == null) {
            throw new BusinessException("请先登录");
        }

    }

    @SneakyThrows
    public void checkRole(Method method) {
        log.info("权限认证");
        Permission annotation = method.getAnnotation(Permission.class);
        if (annotation == null) {
            return;
        }
        if (!annotation.isRole() && !annotation.isPermission()) {
            return;
        }

        LoginUser<Object> loginUser = SecurityUtil.getLoginUser();
        if (annotation.isRole()) {
            if (annotation.hashRoles() != null) {
                for (String role : annotation.hashRoles()) {
                    if (loginUser.getRoles().contains(role)) {
                        return;
                    }
                }
                throw new PermissionException(StrFormatter.format("当前用户 \"{}\" 无此权限", loginUser.getNickName()));
            }
        }
        if (annotation.isPermission()) {
            if (annotation.hasPermissions() != null) {
                for (String permissions : annotation.hasPermissions()) {
                    if (loginUser.getPermissions().contains(permissions)) {
                        return;
                    }
                }
                throw new PermissionException(StrFormatter.format("当前用户 \"{}\" 无此权限", loginUser.getNickName()));
            }
        }
    }
}
